<?
$email= isset($_POST['email']) ? $_POST['email'] : "";
$password= isset($_POST['password']) ? $_POST['password'] : "";
$sid= isset($_GET['sid']) ? $_GET['sid'] : "";
if(!empty($name) && !empty($sid))
{
	if(!empty($password))
	{
		$password=md5($password);
		$dbsql->query("update ".$GLOBALS['first_table']."tbluser set cPassword='$password',cSId='' where cUserName='$name' and cSId='$sid'");
		echo "<center>Change Password Success!</center>";
		echo "<center><a href='index.php?opt=login'>Login</a></center>";
		exit();
	}
	$rs=$dbsql->query("select * from ".$GLOBALS['first_table']."tbluser where cUserName='$name' and cSId='$sid'");
	if($rq=$dbsql->fetch_array($rs))
	{	
		include "templates/main/newpassword.tpl";
		exit();
	}	
}
if(!empty($email))
{
	$rs=$dbsql->query("select * from ".$GLOBALS['first_table']."tbluser where cEmail='$email'");
	if($rq=$dbsql->fetch_array($rs))
	{
		$sid=md5(time().$email);
		$dbsql->query("update ".$GLOBALS['first_table']."tbluser set cSId='$sid' where iUserId='".$rq['iUserId']."'");
		
		$message="Dear Provide Support Customer,<br>";
		$message.="Thank you for your login information recovery request. <br>";
		$message.="Please open this link to change password:<br>";
		$message.="<a href='".$path_main."/index.php?opt=forgot&name=".$rq['cUserName']."&sid=".$sid."'>";
		$message.=$path_main."/index.php?opt=forgot&name=".$rq['cUserName']."&sid=".$sid."</a><br>";
		$message.="Enter the following information into the Customer Login form at the top of the screen:  <br>";
		$message.=" Login:    ".$rq['cUserName']."<br>";
		$message.="If you continue having problems with logging in or need any other assistance,";
		$message.=" please contact us in our support YH: ".$root_yahoo."<br>";
		$message.="Thank you,<br>";
		
		if(send_email($email,"","Forgot Password Live Support",$message))
		{
			$alert="A email send to: ".$email;
		}else
		{
			$alert="Error to send mail!";
		}
	}else
	{
		$alert="Email not Exist!";
	}
}
?>